Feng Forum

Support => Feng Office 2 => : mmccarn November 02, 2011, 09:38:24 AM

: LDAP Authentication in fengoffice 2.0beta2
: mmccarn November 02, 2011, 09:38:24 AM

Attempting to use LDAP authentication in fengoffice 2.0beta 2 generates the following error in my system's '/var/log/messages':

:

PHP Fatal error:  Call to undefined method Contact::isValidPasswordLdap() in <FENGROOT>/application/controllers/AccessController.class.php on line 115
To fix this, I added the 'isValidPasswordLdap' function from the ldap 1.6.2 patch into <FENGROOT>/application/models/contacts/Contact.class.php, which eliminated the above error.

That is, after applying the patch described below, I can authenticate pre-created users against an LDAP server as defined in <FENGROOT>/config/ldap.config.php.

:

diff -u application/models/contacts/Contact.class.php.2.0beta2 application/models/contacts/Contact.class.php produces the following output:

:

--- application/models/contacts/Contact.class.php.2.0beta2      2011-11-02 08:18:45.000000000 -0400
+++ application/models/contacts/Contact.class.php       2011-11-02 08:22:11.000000000 -0400
@@ -461,6 +461,44 @@
                return sha1 ( $this->getSalt () . $check_password ) == $this->getToken ();
        } // isValidPassword

+        /**
+         * Check if $check_password is valid LDAP user password
+         *
+         * @param string $check_password
+         * @return boolean
+         */
+        function isValidPasswordLdap($user, $password, $config) {
+
+                // Connecting using the configuration:
+                require_once "Net/LDAP2.php";
+
+                $ldap = Net_LDAP2::connect($config);
+
+                // Testing for connection error
+                if (PEAR::isError($ldap)) {
+                    return false;
+                }
+                $filter = Net_LDAP2_Filter::create($config['uid'], 'equals', $user);
+                $search = $ldap->search(null, $filter, null);
+
+                if (Net_LDAP2::isError($search)) {
+                    return false;
+                }
+
+                if ($search->count() != 1) {
+                    return false;
+                }
+
+                // User exists so we may rebind to authenticate the password
+                $entries = $search->entries();
+                $bind_result = $ldap->bind( $entries[0]->dn(), $password);
+
+                if (PEAR::isError($bind_result)) {
+                        return false;
+                }
+                return true;
+        } // isValidPasswordLdap
+

        /**
         * Check if $twisted_token is valid for this user account


: Re: LDAP Authentication in fengoffice 2.0beta2
: franponce87 November 04, 2011, 08:31:57 AM

Thanks for your input!

Best regards,
Francisco

: Re: LDAP Authentication in fengoffice 2.0beta2
: CheezItMan November 19, 2011, 06:44:46 AM

Any way to create users when they login the first time?

: tamoxifen and memory loss
: Baveskara September 16, 2022, 12:49:51 AM

nolvadex dosage for pct (https://tamoxifenolvadex.com)